{"id":"https://openalex.org/W7117544323","doi":"https://doi.org/10.1145/3772290.3772297","title":"Near Real Time Detection of APT Attack in Industrial IoT Environment","display_name":"Near Real Time Detection of APT Attack in Industrial IoT Environment","publication_year":2025,"publication_date":"2025-12-30","ids":{"openalex":"https://openalex.org/W7117544323","doi":"https://doi.org/10.1145/3772290.3772297"},"language":null,"primary_location":{"id":"doi:10.1145/3772290.3772297","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3772290.3772297","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 27th International Conference on Distributed Computing and Networking","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5121523016","display_name":"Bidya Sahu","orcid":null},"institutions":[{"id":"https://openalex.org/I90752740","display_name":"Berhampur University","ror":"https://ror.org/03m3xkg41","country_code":"IN","type":"education","lineage":["https://openalex.org/I90752740"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Bidya Sahu","raw_affiliation_strings":["NIST University, Berhampur, Odisha, India"],"raw_orcid":"https://orcid.org/0009-0002-6005-9824","affiliations":[{"raw_affiliation_string":"NIST University, Berhampur, Odisha, India","institution_ids":["https://openalex.org/I90752740"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110725646","display_name":"S. M. Raiyan Chowdhury","orcid":"https://orcid.org/0000-0002-2166-9024"},"institutions":[{"id":"https://openalex.org/I99364266","display_name":"Academy of Scientific and Innovative Research","ror":"https://ror.org/053rcsq61","country_code":"IN","type":"education","lineage":["https://openalex.org/I99364266"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Suman Chowdhury","raw_affiliation_strings":["Academy of Scientific and Innovative Research, Ghaziabad, Uttar Pradesh, India"],"raw_orcid":"https://orcid.org/0000-0002-2166-9024","affiliations":[{"raw_affiliation_string":"Academy of Scientific and Innovative Research, Ghaziabad, Uttar Pradesh, India","institution_ids":["https://openalex.org/I99364266"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5017978859","display_name":"Rajesh P. Barnwal","orcid":"https://orcid.org/0000-0002-0427-5533"},"institutions":[{"id":"https://openalex.org/I70735523","display_name":"Central Mechanical Engineering Research Institute","ror":"https://ror.org/059h0ng81","country_code":"IN","type":"facility","lineage":["https://openalex.org/I2799351866","https://openalex.org/I4210134808","https://openalex.org/I66760702","https://openalex.org/I70735523"]},{"id":"https://openalex.org/I99364266","display_name":"Academy of Scientific and Innovative Research","ror":"https://ror.org/053rcsq61","country_code":"IN","type":"education","lineage":["https://openalex.org/I99364266"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Rajesh P. Barnwal","raw_affiliation_strings":["CSIR-Central Mechanical Engineering Research Institute, Durgapur, West Bengal, India and Faculty of Engineering Sciences, Academy of Scientific and Innovative Research, Ghaziabad, Uttar Pradesh, India"],"raw_orcid":"https://orcid.org/0000-0002-0427-5533","affiliations":[{"raw_affiliation_string":"CSIR-Central Mechanical Engineering Research Institute, Durgapur, West Bengal, India and Faculty of Engineering Sciences, Academy of Scientific and Innovative Research, Ghaziabad, Uttar Pradesh, India","institution_ids":["https://openalex.org/I99364266","https://openalex.org/I70735523"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5121523016"],"corresponding_institution_ids":["https://openalex.org/I90752740"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.61791056,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"148","last_page":"152"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.35749998688697815,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.35749998688697815,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.15940000116825104,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.08919999748468399,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.487199991941452},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.46810001134872437},{"id":"https://openalex.org/keywords/class","display_name":"Class (philosophy)","score":0.446399986743927},{"id":"https://openalex.org/keywords/industrial-internet","display_name":"Industrial Internet","score":0.4269999861717224},{"id":"https://openalex.org/keywords/function","display_name":"Function (biology)","score":0.41850000619888306},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.41110000014305115},{"id":"https://openalex.org/keywords/baseline","display_name":"Baseline (sea)","score":0.4041999876499176},{"id":"https://openalex.org/keywords/digital-forensics","display_name":"Digital forensics","score":0.3384000062942505}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.720300018787384},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.487199991941452},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.46810001134872437},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.446399986743927},{"id":"https://openalex.org/C202839342","wikidata":"https://www.wikidata.org/wiki/Q60740481","display_name":"Industrial Internet","level":3,"score":0.4269999861717224},{"id":"https://openalex.org/C14036430","wikidata":"https://www.wikidata.org/wiki/Q3736076","display_name":"Function (biology)","level":2,"score":0.41850000619888306},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.41110000014305115},{"id":"https://openalex.org/C12725497","wikidata":"https://www.wikidata.org/wiki/Q810247","display_name":"Baseline (sea)","level":2,"score":0.4041999876499176},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3732999861240387},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3517000079154968},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.351500004529953},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.3384000062942505},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.3310999870300293},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.32589998841285706},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.31040000915527344},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.296099990606308},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.2896000146865845},{"id":"https://openalex.org/C81669768","wikidata":"https://www.wikidata.org/wiki/Q2359161","display_name":"Precision and recall","level":2,"score":0.2854999899864197},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.2838999927043915},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.2786000072956085},{"id":"https://openalex.org/C59201141","wikidata":"https://www.wikidata.org/wiki/Q46904","display_name":"GSM","level":2,"score":0.27149999141693115},{"id":"https://openalex.org/C100660578","wikidata":"https://www.wikidata.org/wiki/Q18733","display_name":"Recall","level":2,"score":0.2628999948501587},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.2597000002861023},{"id":"https://openalex.org/C2777421447","wikidata":"https://www.wikidata.org/wiki/Q17517","display_name":"Mobile phone","level":2,"score":0.25600001215934753},{"id":"https://openalex.org/C179768478","wikidata":"https://www.wikidata.org/wiki/Q1120057","display_name":"Cyber-physical system","level":2,"score":0.250900000333786}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3772290.3772297","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3772290.3772297","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 27th International Conference on Distributed Computing and Networking","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.6724073886871338}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":5,"referenced_works":["https://openalex.org/W3093253286","https://openalex.org/W3130970113","https://openalex.org/W4200494353","https://openalex.org/W4214611057","https://openalex.org/W4224914413"],"related_works":[],"abstract_inverted_index":{"Industrial":[0],"Internet":[1],"of":[2,44,68,117],"Things":[3],"(IIoT)":[4],"networks":[5],"underpin":[6],"critical":[7],"infrastructure":[8],"across":[9],"sectors":[10],"such":[11],"as":[12],"energy,":[13],"manufacturing,":[14],"and":[15,32,60,96,109,127],"healthcare,":[16],"but":[17],"remain":[18],"highly":[19],"vulnerable":[20],"to":[21,62,80],"stealthy":[22],"Advanced":[23],"Persistent":[24],"Threats":[25],"(APTs).":[26],"This":[27],"paper":[28],"presents":[29],"a":[30,75,124],"lightweight":[31],"near":[33],"real-time":[34],"APT":[35,69,131],"detection":[36,132],"framework":[37],"that":[38],"leverages":[39],"FastKAN,":[40],"an":[41],"efficient":[42],"variant":[43],"the":[45,86,97,115],"Kolmogorov-Arnold":[46],"Network,":[47],"in":[48,133],"combination":[49],"with":[50],"system":[51],"provenance":[52],"data.":[53],"Provenance":[54],"graphs":[55],"are":[56],"encoded":[57],"using":[58],"Node2Vec":[59],"Word2Vec":[61],"capture":[63],"subtle":[64],"behavioural":[65],"patterns":[66],"indicative":[67],"activity.":[70],"We":[71],"employ":[72],"Borderline-SMOTE":[73],"alongside":[74],"weighted":[76],"cross-entropy":[77],"loss":[78],"function":[79],"address":[81],"class":[82],"imbalance.":[83],"Evaluated":[84],"on":[85],"CIC-APT-IIoT2024":[87],"dataset,":[88],"our":[89,118],"method":[90],"achieves":[91],"95.14%":[92],"accuracy,":[93],"95.11%":[94],"F1-score,":[95],"lowest":[98],"inference":[99],"time":[100],"(0.9533s)":[101],"among":[102],"all":[103],"baseline":[104],"models,":[105],"demonstrating":[106],"superior":[107],"recall":[108],"computational":[110],"efficiency.":[111],"These":[112],"results":[113],"establish":[114],"practicality":[116],"approach":[119],"for":[120,130],"IIoT":[121],"security,":[122],"offering":[123],"balanced,":[125],"fast,":[126],"effective":[128],"solution":[129],"industrial":[134],"environments.":[135]},"counts_by_year":[],"updated_date":"2025-12-31T23:11:33.660297","created_date":"2025-12-30T00:00:00"}